package com.mryin.Realm;

import com.mryin.common.ActiveUser;
import com.mryin.common.WebUtils;
import com.mryin.pojo.User;
import com.mryin.pojo.UserRole;
import com.mryin.service.UserPermissionService;
import com.mryin.service.UserRoleService;
import com.mryin.service.UserService;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Lazy;

import java.util.List;

/**
 * @author: Mr.Yin
 * @create: 2021-02-26 21:04
 **/

public class UserRealm extends AuthorizingRealm {

    @Autowired
    @Lazy
    private UserService userService ;

    @Autowired
    @Lazy
    private UserRoleService userRoleService ;

    @Autowired
    @Lazy
    private UserPermissionService userPermissionService ;

    /**
     *  授权
     * @param principalCollection
     * @return
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        // 获取认证传递过来的对象集
        ActiveUser active = (ActiveUser) principalCollection.getPrimaryPrincipal();
        // 获取权限
        List<String> permissions = active.getPermissions();
        System.out.println("权限啊" + permissions);
        // 获取角色
        List<String> roles = active.getRoles();
        // 获取用户
        User user = active.getUser();
        // 判断是否为超级管理员
        if (user.getRoleId() == 1) {
            info.addStringPermission("*:*");
        } else {
            // 不是超级管理员
            if (null != roles && roles.size() > 0) {
                roles.forEach(System.out::println);
                info.addRoles(roles);
            }
            if (null != permissions && permissions.size() > 0) {
                permissions.forEach(System.out::println);
                info.addStringPermissions(permissions);
            }
        }
        return info;
    }

    /**
     * 认证
     * @param authenticationToken
     * @return
     * @throws AuthenticationException
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        //获取认证信息
        System.out.println("我是认证=》AuthenticationInfo");
        UsernamePasswordToken usernamePasswordToken = (UsernamePasswordToken) authenticationToken;
        String username1 = usernamePasswordToken.getUsername();
        System.out.println(username1);
        char[] password = usernamePasswordToken.getPassword();
        System.out.println(password);

        String username = authenticationToken.getPrincipal().toString();
        //判断信息是否存在
        User user = userService.queryUserByLoginName(username);
        if (null != user) {
            // 储存起来
            ActiveUser activeUser = new ActiveUser();
            activeUser.setUser(user);
            // 根据用户ID  查询角色名称的集合
            List<String> roles = this.userRoleService.queryRolesByUserId(user.getId());
            roles.forEach(role ->{
                System.out.println("我是所有得角色集合=>"+role);
            });
            // 根据用户ID  查询权限编码的集合
            List<String> permissions = this.userPermissionService.queryPermissionsByUserId(user.getId());
            permissions.forEach(permission->{
                System.out.println("我是所有得权限集合=>"+permission);
            });
            activeUser.setRoles(roles);
            activeUser.setPermissions(permissions);
            /* 设置当前用户 给到共享线程 */
            WebUtils.setThisName(user);
            // 进行认证
            return new SimpleAuthenticationInfo(activeUser, user.getPassword(), getName());

        }
        return null;
    }
}